AWS IoT Core features

AWS IoT Core is a platform that enables you to connect devices to AWS services and other devices, secure data and interactions, process and act upon device data, let applications interact with devices even when they are offline, and produce low-cost Alexa Built-in devices.

Key features

AWS IoT Device SDK

The AWS IoT Device SDK helps you easily and quickly connect your hardware device or your mobile application to AWS IoT Core. The AWS IoT Device SDK enables your devices to connect, authenticate, and exchange messages with AWS IoT Core using the MQTT, HTTP, or WebSockets protocols. The AWS IoT Device SDK supports C, JavaScript, and Arduino, and includes the client libraries, the developer guide, and the porting guide for manufacturers. You can also use an open source alternative or write your own SDK.

To learn more, read the AWS IoT Device SDK documentation or get started by downloading the SDKs.

Device Gateway

The Device Gateway serves as the entry point for IoT devices connecting to AWS. The Device Gateway manages all active device connections and implements semantics for multiple protocols to ensure that devices are able to securely and efficiently communicate with AWS IoT Core. Currently the Device Gateway supports the MQTT, WebSockets, and HTTP 1.1 protocols. For devices that connect using MQTT or WebSockets the Device Gateway will maintain long lived, bidirectional connections, enabling these devices to send and receive messages at any time with low latency. The Device Gateway is fully managed and scales automatically to support over a billion devices without requiring you to manage any infrastructure. For customers migrating to AWS IoT, the Device Gateway offers capabilities to transition infrastructures with minimal impact to existing architectures and IoT devices. To learn more about Configurable Endpoints, read the documentation here.

Message Broker

The Message Broker is a high throughput pub/sub message broker that securely transmits messages to and from all of your IoT devices and applications with low latency. The flexible nature of the Message Broker’s topic structure allows you to send messages to, or receive messages from, as many devices as you would like. It supports messaging patterns ranging from one-to-one command and control messaging, to one-to-one million (or more!) broadcast notification systems and everything in between. In addition, you can set up fine grained access controls that enable you to manage the permissions of individual connections at the topic level, ensuring that your devices and applications will only send and receive the data that you want them to. The Message Broker is a fully managed service, so no matter how you choose to use it, it will scale automatically with your message volume without requiring you to run any infrastructure.

To learn more, read the Message Broker section of the AWS IoT Core user guide.

Authentication and Authorization

AWS IoT Core provides mutual authentication and encryption at all points of connection, so that data is never exchanged between devices and AWS IoT Core without a proven identity. AWS IoT Core supports the AWS method of authentication (called ‘SigV4’), X.509 certificate-based authentication, and customer-created token-based authentication (through custom authorizers). Connections using HTTP can use any of these methods, while connections using MQTT use certificate-based authentication, and connections using WebSockets can use SigV4 or custom authorizers. With AWS IoT Core you can use AWS IoT Core generated certificates, as well as those signed by your preferred Certificate Authority (CA). You can map your choice of policies to each certificate, so that you can authorize devices or applications to have access, or change your mind and revoke access altogether without ever touching the device.

You can create, deploy and manage certificates and policies for the devices from the console or using the API. Those device certificates can be provisioned, activated and associated with the relevant IoT policies that are configured using AWS IoT Core. This allows you to instantly revoke access for an individual device if you choose to do so. AWS IoT Core also supports connections from users’ mobile apps using Amazon Cognito, which takes care of all the steps necessary to create a unique identifier for your app’s users and retrieve temporary, limited-privilege AWS credentials. AWS IoT Core can also provide temporary AWS credentials after a device has authenticated with an X.509 certificate, so that the device can more easily access other AWS services such as DynamoDB or S3.
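The topic-level access controls and per-certificate policies described above are only as tight as the policy document attached to each certificate. The following is an added example, not AWS code: a small linter that flags over-broad `Allow` statements, run against a constructed wildcard policy and a constructed per-device policy. The region, account ID and `devices/` topic prefix are placeholders.

```python
# Added example: lint AWS IoT Core policy documents for over-broad grants.
# Both policies are constructed samples; region, account and topics are placeholders.
ARN = "arn:aws:iot:us-east-1:123456789012"   # placeholder region and account id
THING = "${iot:Connection.Thing.ThingName}"  # AWS IoT policy variable

BROAD_POLICY = {  # weak: any client id, any topic, any IoT action
    "Version": "2012-10-17",
    "Statement": [{"Effect": "Allow", "Action": "iot:*", "Resource": "*"}],
}

SCOPED_POLICY = {  # per-device: client id and topics bound to the thing name
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Action": "iot:Connect",
         "Resource": f"{ARN}:client/{THING}"},
        {"Effect": "Allow", "Action": ["iot:Publish", "iot:Receive"],
         "Resource": f"{ARN}:topic/devices/{THING}/*"},
        {"Effect": "Allow", "Action": "iot:Subscribe",
         "Resource": f"{ARN}:topicfilter/devices/{THING}/*"},
    ],
}


def as_list(value):
    """Policy fields may be a single string or a list of strings."""
    return [value] if isinstance(value, str) else list(value)


def lint_policy(policy):
    """Return (statement_index, finding) pairs for over-broad Allow statements."""
    statements = policy["Statement"]
    if isinstance(statements, dict):
        statements = [statements]
    findings = []
    for i, stmt in enumerate(statements):
        if stmt.get("Effect") != "Allow":
            continue
        for action in as_list(stmt.get("Action", [])):
            if action in ("*", "iot:*"):
                findings.append((i, f"wildcard action {action}"))
        for res in as_list(stmt.get("Resource", [])):
            parts = res.split(":", 5)  # the resource part may itself contain ':'
            path = parts[5] if len(parts) == 6 else res
            if res == "*":
                findings.append((i, "resource * matches every client and topic"))
            elif "*" in path and "${iot:" not in path:
                findings.append((i, f"wildcard not bound to device identity: {path}"))
    return findings
```

With the scoped policy, a device holding a valid certificate can only connect under its own thing name and only touch its own topic subtree, so one compromised device cannot read or publish on behalf of others.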

Fleet provisioning for AWS IoT Core makes it easy to onboard any number of manufactured devices to the cloud at scale. It provides an end-to-end managed device onboarding experience that sets up devices with unique digital identities and performs the device-side and cloud-side configuration needed for each device to connect and operate with AWS IoT automatically upon its first connection to AWS IoT Core. Fleet provisioning is offered at no additional charge to customers. To learn more about Fleet provisioning, read the Fleet provisioning documentation here.

Registry

The Registry establishes an identity for devices and tracks metadata such as the devices’ attributes and capabilities. The Registry assigns a unique identity to each device that is consistently formatted regardless of the type of device or how it connects. It also supports metadata that describes the capabilities of a device, for example whether a sensor reports temperature, and if the data are Fahrenheit or Celsius.

The Registry lets you store metadata about your devices at no additional charge, and metadata in the Registry does not expire as long as you access or update your registry entry at least once every 7 years. To learn more, read the Registry section of the AWS IoT Core user guide.

Device Shadow

With AWS IoT Core, you can create a persistent, virtual version, or Device Shadow, of each device that includes the device’s latest state so that applications or other devices can read messages and interact with the device. The Device Shadow persists the last reported state and desired future state of each device even when the device is offline. You can retrieve the last reported state of a device or set a desired future state through the API or using the rules engine.

The Device Shadow makes it easier to build applications that interact with your devices by providing always available REST APIs. In addition, applications can set the desired future state of a device without accounting for the device’s current state. AWS IoT Core will compare the difference between the desired and last reported state, and command the device to make up the difference.

The AWS IoT Device SDK makes it easy for your device to synchronize its state with its Device Shadow, and to respond to desired future states set via the Device Shadow.
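The desired-versus-reported comparison described above, as an added example that is not AWS or SDK code: a simplified model of the delta computation, followed by the device-side check a practitioner would want before acting on it, since any principal allowed to update the shadow can set desired state. The shadow contents and the `ALLOWED` schema are constructed for illustration.

```python
# Added example: simplified model of the shadow desired/reported comparison,
# plus device-side validation of the resulting delta before it is applied.
# The shadow document and the ALLOWED schema are constructed samples.
SHADOW = {
    "state": {
        "desired": {"power": "on", "target_temp": 21,
                    "led": {"color": "red", "brightness": 80},
                    "firmware_url": "http://example.invalid/fw.bin"},
        "reported": {"power": "off", "target_temp": 21,
                     "led": {"color": "red", "brightness": 40}},
    }
}

# Hypothetical allow-list: field name -> validator for values the device accepts.
ALLOWED = {
    "power": lambda v: v in ("on", "off"),
    "target_temp": lambda v: isinstance(v, int) and 5 <= v <= 30,
    "led": lambda v: isinstance(v, dict) and set(v) <= {"color", "brightness"},
}

_MISSING = object()  # distinguishes "absent from reported" from a null value


def shadow_delta(desired, reported):
    """Desired fields whose values differ from, or are absent in, reported."""
    delta = {}
    for key, want in desired.items():
        have = reported.get(key, _MISSING)
        if isinstance(want, dict) and isinstance(have, dict):
            nested = shadow_delta(want, have)
            if nested:
                delta[key] = nested
        elif have is _MISSING or want != have:
            delta[key] = want
    return delta


def apply_delta(delta, allowed=ALLOWED):
    """Split a delta into (accepted, rejected) fields using the allow-list."""
    accepted, rejected = {}, {}
    for key, value in delta.items():
        ok = key in allowed and allowed[key](value)
        (accepted if ok else rejected)[key] = value
    return accepted, rejected
```

The unexpected `firmware_url` field lands in the rejected set rather than being acted on, and the device would report only the accepted fields back as its new state.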

The Device Shadow lets you store the state of your devices for up to a year for free. Device Shadows persist forever if you update them at least once per year; otherwise they expire.

Rules Engine

The Rules Engine makes it possible to build IoT applications that gather, process, analyze and act on data generated by connected devices at global scale without having to manage any infrastructure. The Rules Engine evaluates inbound messages published into AWS IoT Core and transforms and delivers them to another device or a cloud service, based on business rules you define. A rule can apply to data from one or many devices, and it can take one or many actions in parallel.

You can author rules within the management console or write rules using a SQL-like syntax. Rules can be authored to behave differently depending upon the content of the message. For example, if a temperature reading exceeds a certain threshold it could trigger a rule to transmit data to AWS Lambda. Rules can also be authored to take into account other data in the cloud, such as data from other devices. For example, a rule could take an action if this temperature is more than 15% higher than the average of 5 other devices.

The Rules Engine provides dozens of available functions that can be used to transform your data, and it’s possible to create infinitely more via AWS Lambda. For example, if you’re dealing with a wide range of values you could take the average of incoming numbers. Rules can also trigger the execution of your Java, Node.js or Python code in AWS Lambda, giving you maximum flexibility and power to process device data.

Alexa Voice Service (AVS) Integration

Alexa Built-in is a category of devices created with the Alexa Voice Service (AVS) that have a microphone and speaker. You can talk to these products directly with the wake word “Alexa,” and receive voice responses and content instantly.

With the AVS Integration, you can cost-effectively scale to hundreds of millions of Alexa Built-in devices and accelerate your time to market with differentiated, voice-forward products. The AVS Integration for AWS IoT Core shifts media retrieval, audio decoding, audio mixing, and state management from a physical device to a new virtual Alexa Built-in device in the cloud. This lowers the cost of producing Alexa Built-in devices by up to 50% by reducing the hardware requirements from 50MB to 1MB of RAM and from ARM Cortex ‘A’ class microprocessors to ARM Cortex ‘M’ class microcontrollers.

Offloading compute and memory intensive workloads to the cloud and reducing the on-device requirements for integrating AVS makes it possible to bring Alexa to resource constrained, low-cost products such as light switches, thermostats, and small appliances. With new categories of Alexa Built-in devices available on the market, end users can now experience Alexa in new parts of their home, office, or hotel rooms for a truly ambient experience, where they talk directly to their surroundings rather than to an Alexa Family of Devices.

Our partners make it easy for you to get started by launching hardware development kits for AVS for AWS IoT. Development kits are enabled by real-time operating systems for microcontrollers, such as FreeRTOS, and include out-of-the-box connectivity to AWS IoT. Kits also remove the need to develop your voice application from scratch by including AVS qualified Audio Algorithms for Far-Field voice pickup, Echo Cancellation, and Alexa Wake Word as well as AVS for AWS IoT application code. Using the feature application code, you can quickly prototype a device and port the implementation to your chosen MCU design for testing and device production when you're ready.